Newsletters: Newsbites

SANS NewsBites is a semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.

Spend five minutes per week to keep up with the high-level perspective of all the latest security news. New issues are delivered free every Tuesday and Friday.

Volume VI - Issue #2

January 14, 2004

Top Ten Cisco Security Vulnerabilities Project Update. The project team has identified seventeen vulnerabilities that appear to be critical. You can help with the next step of prioritizing the 17 to help the team select the Top 10. Then the team will develop a guide organizations can use to protect themselves against exploits of the Top Ten. If you are willing to help by rating the 17 candidates, send email to info@sans.org with the subject Cisco Top 10.

TOP OF THE NEWS

Banks Warn Customers About Phishing Scams (12/13 January 2004)

With phishing scams on the rise, banks are warning their customers to be wary of suspicious e-mail, especially if it guides them to a site that asks for personal details that could be used by identity thieves. -http://www.theage.com.au/articles/2004/01/13/1073877805257.html-http://www.forbes.com/business/newswire/2004/01/12/rtr1207254.html-http://news.zdnet.co.uk/0,39020330,39119033,00.htm[Editor's Note (Pescatore): Warning users is mostly just a way to avoid liability. We really need to see the basic Internet infrastructure support a "Caller ID" function to give consumers at least the equivalent defense of what they have on telephone solicitations. This would need innovation at the browser end, which has been sorely lacking for the past several years.(Grefer): Banks could take a step toward eliminating this problem by cryptographically signing all communicating with their customers. ]

Almost Half of KaZaA Files Contain Malware (6/9 January 2004)

Research from TruSecure, a company specializing in risk management, found that 45% of files downloaded from KaZaA contained malware. TruSecure senior analyst Bruce Hughes encourages companies to educate their employees about the security risks involved in peer-to-peer file sharing. -http://www.zdnet.co.uk/print/?TYPE=story&AT=39118915-39020330t-10000025c-http://www.wired.com/news/print/0,1294,61852,00.html[Editor's Note (Pescatore): I'd rather see companies first block programs like KaZaA, and then educate their employees why they shouldn't be trying to download potentially stolen intellectual property. If more universities implement things like the University of Florida's ICARUS software, maybe the next generation of college hires will not take stolen music for granted. ]

Microsoft Announces January Vulnerabilities:

One In ISA Is Critical Microsoft released three vulnerability versions. The one involving Internet Security and Acceleration (ISA) Server (ISA) is a buffer overflow that could allow malicious code to be run by a remote attacker. The problem is widespread because Small Business Server 2000 and Small Business Server 2003 are both vulnerable. -http://www.techweb.com/wire/story/TWB20040113S0015************************ SPONSORED LINKS ******************************
Privacy notice: Most of these links redirect to non-SANS web pages.

(4) Check Out SANS New School Store With Current Specials! Just released books on Business Law, Securing Solaris, Computer Security Incident Handling, books by SANS faculty, and Step-By-Step Guides. Current special: Oracle Security, 7 Pack Guides, and T-shirts.
https://store.sans.org

THE REST OF THE WEEK'S NEWS

Microsoft Extends Support for Older Versions of Windows (12 January 2004)

In an "effort to respond to customers' needs around the world," Microsoft has announced that it will continue extended support for Windows 98, 98 Second Edition and Me through June 2006. Microsoft had previously announced it would discontinue support for Windows 98 and 98 SE on January 16, 2004; support for Me was scheduled to end on December 16, 2004 Continuing support for these operating systems will also make it reasonably certain that hotfixes that repair security-related vulnerabilities will continue to be created and released. -http://www.eweek.com/print_article/0,3048,a=116205,00.asp-http://www.computerworld.com/printthis/2004/0,4814,89010,00.html[Editor's Note (Schultz): This is really not good for security. These operating systems are for the most part devoid of security capabilities. ]

NSA Funds Insider Threat Project (12 January 2004)

The National Security Agency's Advanced Research and Development Activity (ARDA) is funding a project aimed at protecting computer networks from insider threats. The Voltaire system plans to integrate existing technology to detect suspicious activity and enforce access control. Voltaire is being designed for the intelligence community and should be ready for testing this summer. -http://www.gcn.com/vol1_no1/daily-updates/24622-1.html More information on ARDA: -http://www.ic-arda.org/

DARPA to Sponsor Ad-Hoc Mobile Network Workshop (7 January 2004)

The Defense Advanced Research Projects Agency (DARPA) plans to sponsor a workshop on defending mobile ad-hoc networks. DARPA's interest stems from the Defense Department's "emerging network-centric warfare systems" and the likelihood that those networks will experience attacks and software failures. The workshop is scheduled for February 18 in Arlington, VA. -http://www.fcw.com/fcw/articles/2004/0105/web-darpa-01-07-04.asp

Middle School Student Suspended for Using DOS Messaging System (6 January 2004)

A thirteen-year-old Texas middle school student was suspended for three days because he sent a message saying "Hey" to every computer in the school using an old messaging system his father taught him while tutoring him about DOS (the operating system). The columnist feels that the punishment was far too harsh for the student's actions, particularly because his actions were not forbidden by any written school policy. -http://www.dfw.com/mld/dfw/news/columnists/dave_lieber/7643262.htm

Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/